Viktor Dukhovni wrote in <ZSQ9aZwh7SpRUzYH@xxxxxxxxxxxxxxxxxxx>: |On Mon, Oct 09, 2023 at 07:06:05PM +0200, Steffen Nurpmeso wrote: ... |> Alongside this i thought using a much smaller key would be great, |> and so i generated |> |> openssl req -noenc -newkey ED25519 -keyout key.pem -out csr.pem -x509 |> |> which gives wonderful short things. |> Unfortunately i cannot use it |> |> s-nail: Error setting PKCS#7 signing object signer: error:10800094:PKCS\ |> 7 routines::signing not supported for this key type |> |> I seem to know that this type does not support streams aka update, |> update, .. final cycles, but wanted to ask whether this is the |> problem here (without doing all the rewrite stuff), or whether the |> OpenSSL PKCS7 codebase simply cannot deal with RFC 8551 yet. | |Join the queue, :-( | | https://github.com/openssl/openssl/issues/11915 I did search only via Google as github is practically unusable if your bandwidth is out and you live with 5-8 Kbyte/sec. .... :) well ok hm, that gets a bit too involved for me, but the cms tool uses the PKCS7_*() itself, so we are brothers in failure. Thank you, Viktor! --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)
